<?php
class admin_controller extends common {
	const fields = array('user' => '用户名', 'pass' => '密码', 'name' => '姓名', 'sex' => '性别', 'birthday' => '生日', 'mobile' => '手机号码', 'email' => '邮箱', 'avatar' => '头像', 'loginTime' => '最后登录', 'status' => '状态');
	
	function admin_list() {
		if (empty($_POST['page']) || !is_numeric($_POST['page']) || $_POST['page'] < 1) {
			$_POST['page'] = $this->def_page;
		}
		if (empty($_POST['limit']) || !is_numeric($_POST['limit']) || $_POST['limit'] < 30) {
			$_POST['limit'] = $this->def_limit;
		}
		$limit     = 'ORDER BY a.`pId` ASC LIMIT ' . ($_POST['page'] - 1) * $_POST['limit'] . ', ' . $_POST['limit'];
		$tableName = 'admin_user';
		
		filter_post(self::fields, true);
		
		$wheres = array();
		foreach ($_POST as $key => $value) {
			if ($key === 'loginTime' && preg_match('/^[1-9]\d{3}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])\s+(2[0-3]|[0-1]\d):[0-5]\d:[0-5]\d$/', $value))
				$wheres[] = "a.`{$key}` >= '{$value}'";
			else if (in_array($key, array(
					'sex',
					'status'
				)) && is_numeric($value)) {
				$wheres[] = "`{$key}` = {$value}";
			} else
				$wheres[] = "`{$key}` LIKE '%{$value}%'";
		}
		$where = count($wheres) > 0 ? implode(' AND ', $wheres) : '';
		
		if (false === $rows = $this->sql->where($where)->select($tableName))
			return msg(1, '获取数据失败！');
		
		return msg(0, null, array(
			'count' => $this->sql->where($where)->count($tableName),
			'data' => $rows
		));
	}
	
	// 添加
	function add() {
		$tableName = 'admin_user';
		
		filter_post(self::fields, true);
		
		if (!isset($_POST['user']) || !isset($_POST['pass']))
			return msg(1, '参数非法！');
		
		if ($res = $this->sql->field('id')->where(array(
			'user' => $_POST['user']
		))->select($tableName, $_POST))
			return msg(2, '添加失败，已存在此用户名！');
		
		if (!$res = $this->sql->insert($tableName, $_POST))
			return msg(4, '添加失败！');
		
		$this->log('添加管理员：' . $_POST['user'] . (isset($_POST['name']) ? " ({$_POST['name']})" : ''));
		return msg(0, '添加成功！', array(
			'parent' => true
		));
	}
	
	// 修改
	function update() {
		$tableName = 'admin_user';
		$not       = array(
			'loginTime' => '登录时间',
			'status' => '状态'
		);
		
		$ids = preg_match_all('/(?<=^|,)\s*(\d+)\s*(?=,|$)/', $_POST['id'], $m) > 0 ? $m[1] : array();
		
		$items = filter_post(self::fields);
		
		if (empty($ids) || count($_POST) < 1)
			return msg(1, '参数非法！');
		
		if (in_array($this->admin['id'], $ids)) {
			$notItem = array_intersect_key($not, $_POST);
			if (count($notItem) > 0)
				return msg(2, '不能修改自己的：' . implode(array_values($notItem)));
		}
		
		if (!$res = $this->sql->where("`id` IN (" . implode(',', $ids) . ")")->update($tableName, $_POST))
			return msg(3, '修改失败！');
		
		$values = count($_POST) > 1 ? json($_POST, false) : array_shift($_POST);
		
		$this->log('修改管理员：' . implode(', ', $items) . "\nid：" . implode(',', $ids) . "\n值：" . $values);
		
		return msg(0, '修改成功！');
	}
	
	// 删除
	function delete() {
		$tableName = 'admin_user';
		
		$ids = preg_match_all('/(?<=^|,)\s*(\d+)\s*(?=,|$)/', $_POST['id'], $m) > 0 ? $m[1] : array();
		
		if (empty($ids))
			return msg(1, '参数非法！');
		
		if (in_array($this->admin['id'], $ids))
			return msg(2, '不能删除自己');
		
		if (!$res = $this->sql->where("`id` IN (" . implode(',', $ids) . ")")->delete($tableName))
			return msg(3, '删除失败！');
		
		$this->sql->increment($tableName);
		$this->log('删除管理员：' . implode(',', $ids));
		
		return msg(0, '删除成功！', array(
			'url' => true
		));
	}
}